Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
Hello. May I limit access to SSH on my SRX to internal network only by this ?:
ssh { interface vlan.0; }
Seems to be I can't... Or must I create policies and filters for this ?
In SRX, its recommended to create filters when we want to allow ssh from specific IPs or you can use host-inbound option when you want to allow ssh from particular zone/interface.
Thanks,
SHKM
Hello
Filters and policies are required to control SSH access at granlular level(specific address etc..)
Since it is SRX, you have the flexibity to control SSH access at zone level.
You could bind vlan.0 interface to a zone and allow host-inbound-traffic for that specific zone only.
Reference:
http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-security/topic-41194.html
Regards,
Raveen